pm 28.9.0.2 rpm and dpkg rc1

3 files changed, 75 insertions, 2 deletions

diff --git a/palemoon/debian/changelog b/palemoon/debian/changelog
index 67d8f95..68e0945 100644
--- a/palemoon/debian/changelog
+++ b/palemoon/debian/changelog
@@ -1,3 +1,73 @@
+palemoon (28.9.0.2-1+devuan) obs; urgency=medium
+
+  *  This is a small bugfix update addressing 2 more important issues in 28.9.0.
+    - Fixed an issue with browser migration and initialization code causing various browser run-time problems.
+    - Fixed an issue with cache behavior where some users would have trouble having their windows and tabs restored in "soft refresh" mode (see v28.9.0 release notes).
+    - To solve this, we reverted to the previous (pull from cache) mode for now while we investigate the cause.
+
+ -- Ben Stack <bgstack15@gmail.com>  Thu, 26 Mar 2020 07:50:02 -0400
+
+palemoon (28.9.0.1-1+devuan) UNRELEASED; urgency=medium
+
+  * From releasenotes.shtml: This is a small update to address a breaking issue with user-agent override strings, causing problems on certain websites for a number of our users.
+
+ -- Ben Stack <bgstack15@gmail.com>  Thu, 26 Mar 2020 06:50:02 -0400
+
+palemoon (28.9.0-1+devuan) UNRELEASED; urgency=medium
+
+  * From releasenotes.shtml: This is a major development update.
+  * New features
+    - Implemented asynchronous iterators (`await iterator.next()` and `for await` loops) (ES2018)
+    - Implemented promise-based media playback.
+    - Implemented non-standard legacy CSSStyleSheet rules functions.
+    - Implemented the html5 `<dialog>` element. To switch this on, flip `dom.dialog_element.enabled` to true.
+    - Implemented the optional hiding of pinned tabs in CtrlTab/AllTab panes. (controlled through the preferences `browser.ctrlTab.hidePinnedTabs` and `browser.allTabs.hidePinnedTabs`)
+    - Added 1.25x playback speed to html media elements.
+    - Added a hidden pref (`browser.places.smartBookmarks.max`) to control the sizes of default smart bookmarks categories.
+  * Changes/fixes
+    - Aligned `document.open()` with the overhauled specification.
+    - Aligned the way DOM styles are computed with mainstream browser behavior.
+    - Removed the (unused) DOM promise implementation.
+    - Enabled seeking to next frame in media files.
+    - Enabled dynamic UA updates for emergency use.
+    - Implemented rule processing stub for font-variation-settings.
+    - Increased the maximum XML nesting depth to 2048 levels for extreme corner cases and to conservatively align with other browsers.
+    - Improved the privacy of geolocation lookup calls, with thanks to a generous service donation from ip-api.com
+    - Improved reporting of the operating system in site-specific user-agent overrides.
+    - Improved table drawing performance again after the rewrite for sticky positioning making it slower.
+    - Updated CSP processing to allow custom scheme wildcards to be specified without a port.
+    - Aligned the behavior of outlines with other browsers when dealing with CSS-repositioned elements.
+    - Changed the way hardware acceleration is controlled from the application.
+    - Changed the default monospace font for main languages from Courier New to Consolas.
+    - This provides a more balanced font for fixed-width text that is slightly more condensed and more in line with the naturally compacter variable-width fonts used everywhere else.
+    - Changed the browser's behavior when restoring tabs from previous sessions. To prevent stale pages, it will now by default perform a "soft refresh" of the page instead of drawing it purely from cache without checking if the page needs updating. If you prefer the old behavior, set `browser.sessionstore.cache_behavior` to 0 in about:config.
+    - Updated NSPR to 4.24 and NSS to ~3.48.1-RTM, removing the previous custom patch level with NSS being able to support custom rounds for DBM now.
+    - For extensive release notes with all NSS changes, see [NSS_Releases](https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_Releases)
+    - Implemented an NSS performance optimization for Master Password use with limited effect.
+    - Fixed some potential crashing scenarios with WebGL on Linux.
+    - Completely removed `showModalDialog`.
+    - Disabled some logging in production builds.
+    - Removed various gadgeteering/redundant/dead DOM APIs (casting/presentation, FlyWeb)
+    - Removed support for a number of critical libraries being system-supplied.
+    - Removed "Copy raw data" button from the troubleshooting information page, since it's never used by us in that format, and users mistakenly keep using it instead of copying text.
+    - Removed a bunch of Android and iOS support code.
+    - Fixed an issue with form elements sometimes being incorrectly disabled.
+    - Fixed several crashes.
+    - Fixed an issue with Captive Portal detection sometimes firing even when disabled by the user.
+    - Performed various tree-wide code cleanups.
+    - Backed out a large code cleanup patch for causing subtle issues in website operation (e.g. WordPress). This will have to be revisited later; the reintroduced code is not in use in practice.
+    - Cleaned up the application updater code.
+  * Security-related fixes:
+    - Fixed a potential pointer issue in cubeb. DiD
+    - Disabled allowing remote jar: URIs by default for security reasons. If you need this functionality for your non-standard environment, you can enable it with the preference `network.jar.block-remote-files`, but please consider moving away from this method of providing web-based applications.
+    - Removed a potentially dangerous and otherwise ineffective optimization from the JavaScript engine.
+    - Fixed unwanted behavior where created/focused pop-up windows could potentially cover the DOM fullscreen notification, hiding it from users. (CVE-2020-6810)
+    - Fixed an issue where copying data as a curl request from developer tools would not properly escape parameters. (CVE-2020-6811)
+    - Updated our sctp library code with several upstream fixes.
+    - Unified XUL Platform Mozilla Security Patch Summary: 4 fixed, 3 already mitigated, 1 rejected, 11 not applicable.
+
+ -- Ben Stack <bgstack15@gmail.com>  Thu, 26 Mar 2020 05:50:02 -0400
+
 palemoon (28.8.4-1+devuan) obs; urgency=low
 
   * From releasenotes.shtml: This is a small security and compatibility update.
diff --git a/palemoon/debian/palemoon_devuan.dsc b/palemoon/debian/palemoon_devuan.dsc
index e301989..bab8577 100644
--- a/palemoon/debian/palemoon_devuan.dsc
+++ b/palemoon/debian/palemoon_devuan.dsc
@@ -2,7 +2,7 @@ Format: 3.0 (quilt)
 Source: palemoon
 Binary: palemoon
 Architecture: any
-Version: 28.8.4-1+devuan
+Version: 28.9.0.2-1+devuan
 Maintainer: B Stack <bgstack15@gmail.com>
 Homepage: http://www.palemoon.org/
 Standards-Version: 3.9.6
diff --git a/palemoon/palemoon.spec b/palemoon/palemoon.spec
index 6a81708..675b854 100644
--- a/palemoon/palemoon.spec
+++ b/palemoon/palemoon.spec
@@ -40,7 +40,7 @@ Summary:	Pale Moon web browser with stackrpms prefs
 Name:    palemoon
 Summary:	Pale Moon web browser
 %endif
-Version:	28.8.4
+Version:	28.9.0.2
 Release:	1
 
 Group:	Networking/Web
@@ -279,6 +279,9 @@ update-mime-database -n ${_datadir}/mime 1>/dev/null 2>&1 & :
 %doc AUTHORS LICENSE
 
 %changelog
+* Thu Mar 26 2020 B Stack <bgstack15@gmail.com> - 28.9.0.2-1
+- update version
+
 * Mon Mar 02 2020 B Stack <bgstack15@gmail.com> - 28.8.4-1
 - update version